Hà Vy Anh

1. Main Task:

• Understand and evaluate the design effectiveness of IT General Controls and IT Application Controls based on client policies and procedures, following EY IT Audit Methodology, with a primary focus on Change Management and Access Management processes. Develop test plans and conduct effectiveness testing for client IT general and application controls during the audit period.
• Assess the design and operating effectiveness against key control points to identify deficiencies (if any) and provide recommendations to clients.
• Experienced in assessing IT controls, policies, and procedures for alignment with industry standards.
• Knowledge of SBV regulations (TT09), global frameworks (SOX, COBIT), and international standards (ISO 27001).
• Major engagements: Vietcombank, Techcombank, VPBank, VIB, MSB, Vinfast (SOX-US), VNPAY.

2. Gained Knowledge and Skills:

• Hands-on experience in auditing and preparing IT Audit reports for major and complex client IT systems regarding IT General and Application Controls, especially in the banking sector.
• Proficient in using Excel, SQL, and Alteryx to analyze data and perform testing for automated controls
• Mentored and led a team of 5 auditors to perform IT audit procedures.